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IT  Standards  Mgmt  Process  & 
Practice  Overview  Topics 


•  Management  processes  for  selection  and 
Prescription  of  IT  Standards 

•  Standards  Compliance  in  the  Acquisition  process 

•  GIG  Technical  Guidance  &  IT  Standards  Architectural 
Relationship 

•  Aligning  standards  management  process  and 
practice  to  enable  efficiencies  in  IT  Acquisition 
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DoD  IT  Standards  Policies 

A  Combat  SvppoK  Aipficy 


•  USC  Title  10,  sec  2223(a)(3)  directs  the  DCIO  to  ensure  that  information 
technology  and  national  security  systems  standards  that  will  apply  throughout 
the  Department  of  Defense  are  prescribed 

•  Defense  Acquisition  System  requires  compliance  with  commercial  standards 

(SecDef  Perry  Memo  (1997)  directed  wholesale  transition  to  non-government  standards  and  performance 
specifications  (Ex:  ANSI,  ITU,  IEEE,  IETF,  W3C) 


•  DoD  Instruction  (DoDI)  4630.8 

-  Implements  a  Capability-Focused  Approach  to  IT  and  NSS  Interoperability  and 
Supportability  throughout  DoD  for  Acquisitions  and  Procurements  (Cites  DoD  IT 
Standards  Registry  (DISR),  GIG  Key  Interface  Profiles  (KIPS)  (transitioned  to  GTPs)) 

•  Chairman  of  the  Joint  Chiefs  of  Staff  Manual  (CJCSM)  3170. 01B 

-  Guidelines  and  Procedures  for  Operation  of  the  Joint  Capabilities  Integration  and 
Development  System  (JCIDS)  Regarding  the  Development  and  Staffing  of  JCIDS 
Documents  (TV-1  and  TV-2  Created  in  DISRonline). 

•  Chairman  of  the  Joint  Chiefs  of  Staff  Instruction  (CJCSI)  6212. OIF  (new!) 

—  NR-KPP  Requirement  for  GTG-F  DISR  resource  use  to  built  StdV-1,  StdV-2 
architectural  artifacts. 
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DoD  Standards  Preference  Hierarchy 


Priority 

Standards  Source  Hierarchy 

V 

Example 

lSt 

International 

ISO,  IEC,  ITU 

2nd 

National 

ANSI 

old 

5 

Professional  Society;  Technology 

IEEE;  IETF;  W3C;  OASIS;  GEIA 

Consortia;  Industry'  Association 

4th 

Government 

FIPS 

-tii 

y 

Military 

MIL-STDS,  STANAGS 

These  rankings  determine  which  standardization  paths  available  for 
consideration  will  provide  the  best  mechanism  for  the  development, 
adoption  and  publishing  of  the  IT  standards  needed  by  DoD 
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•  The  United  States  National  Standards  Strategy  developed  by 
the  American  National  Standards  Institute  (ANSI)  encourages 
the  reliance  on  a  voluntary,  consensus-based  process  to 
develop  market-endorsed  open  standards  that  specifically  to 
meet  DoD  needs. 


By  established  public  law,  judicial  precedent  and  extant  policy,  the 
U.S.  Federal  government  prefers  using  consensus-based  open 
products  from  a  formally  recognized  SDO/SSO  -  a 
body/organization  which  produces  and  distributes  formal  or  de 
jure,  accredited,  publicly  available,  open  standards. 


•  DoD  has  a  longstanding,  established  hierarchy  of  preference  for 
selecting  standards  based  on  their  source.  Note  that  the  5th 
Priority,  Military,  has  its  own  internal  priority  of  international  first 
and  then  DoD  Military  Standards. 
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Standards:  From  Idea  to  DISR 


PISA 

DISR  Commercial  Open 

A  Combat  SuppoK  Ag«f»cy 

Standards  Selection  Criteria 

•  Source  of  the  standard 

-  Recognized  authority 

-  Cooperative  stance 

-  Feedback 

-  Process 

-  Consensus 

•  Openness 

•  Maturity 

-  Planning  horizon 

-  Stability 

-  Revision  content  and 
schedule 

•  Marketplace  support 

-  Acceptance 

-  Commercial  viability 

-  Ownership  •  Usefulness/utility 

-  Control,  intellectual  property  _  well-defined  quality 

right  attributes 

-  User  participation  -  Services  and  application 

-  Vendor  participation  interoperability 

•  Technology  relevance 

-  Applicability  to  DoD 

•  Risk  Issues  regarding 
performance 

-  maturity,  and  stability 

objectives 
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DoD  IT  Standards  Registry 
(DISR)  Overview  Today 


Objectives: 

•  Champions  DoD  CIO’s 
Re-Engagement  of  the  IT 
Sta'ndards  Communities 

•  GTG  Federation  Includes 
IT  Standards  Registry 
Universal  Reference 
Resource 

•  Tri-Annual  Update  of  IT 
Standards  Registry 

•  Tied  to  DoD  CIO  IT 
Standards  Conformance  and 
Compliance  Process 

•  Intelligence  Community 
Cross  Coordination 
(ICSR/ER2) 

•  Improves  DoD  Visibility  and 
Participation  in  IT  Standards 
Development  Organizations 

•  Synchronized  with  GTPs 
To  Facilitate  Standards 
Profiles  Development 
(StdV-1/2) 

•  Standing  IT  Standards 
Working  Groups  Aligned  to 
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Governance 
and  General 
Information 
Wiki 

Policy 

FAQs 

CM 

Procedures 

User  Guides 

Links 

SOP 

POCs 

Change  Request  Management 

Voting  Tool 

Collaboration  Tool 

Evolving  GTG-F 
Enhancements 

1 

GTP  and  Program  Profile 
Selection  Interface 

r  1 

] 

f  DoD/IC  Joint  Mission  Area  } 
Management 

f 

Active  Inactive 
Standards  Bins 

-  Organization  -  Unique 

-  Information/Guidance 

(l/G) 

PM  System 

IT  Standards 
Profile  (StdV-1/2) 
ISP  Selections 

Implementation 

and 

Interoperability 

Guidance 

Links  to 
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Bodies 
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Standards 
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DISR  Mandated  Standards 

Emerging,  Mandated,  and  Sunset  \ 

“Net-Centric”  &  Mandated  Sunset  : 

“Interoperability”  Standards  : 

DoD  IT  Standards  Reaistrv  (DISRonline) 

Lifecycle  Tagged:  Emerging  and  Retired  Standards 

«sa. 


The  DoD  Information 
Enterprise  Architecture 
forms  the  baseline 
principles  for  standards 
applicability  and  guidance 
for  DoD  Programs 


DISR  Architectural  Relevance 
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GTG-Federation  (GTG-F)  Overview 


1  Program  Management  (PM)  Portal  Service 

-  Supports  unclassified  ISP/TISP  data  submissions  for  review  on  the  NIPR  per  the  recent  DoD 
CIO  memo 

-  Allows  PMs  the  ability  to  assign  roles  to  other  program  stakeholders 

-  Visibility  into  comments  allow  the  ability  to  instantly  respond/adjudicate 

-  Integration  via  web  service  with  DITPR  for  quick  program  profile  registration 

-  Business  processes  are  scalable  and  can  be  quickly  updated 

-  Transitions  development,  submission  and  review  process  from  document  to  data-centric 

1  Enhanced  Information  Support  Plan  (EISP)  Enterprise  Service  Version  (ESV) 

-  Turbo  Tax®-like  web  application  which  collects  only  the  valuable  data  required  for  ISPs 

-  Allows  for  automatic  import  of  information,  reducing  time  and  cost  to  produce  ISPs 

-  The  EISP  reduces  development  costs  through  the  reuse  of  information  between  programs 

-  The  EISP  reduces  development  time  through  automatic  import  of  information 

-  The  EISP  standardizes  and  organizes  ISP  requirements  to  facilitate  analysis 

DISR 

-  Repository  of  Information  Related  to  DoD  IT  and  NSS  Standards 

-  DoD  CIO-Prescribed  Standards  Profiles  Mandated  for  Use  Across  DoD  (e.g.,  IPv6,  GIG  KIPs) 

-  Non-Mandated  Reference  Information  Provided  for  Use  by  the  Acquisition  Community 

1  GIG  Technical  Profile  (GTP)  Service 

-  Step  by  step  walkthrough  questionnaire  determines  GTPs  for  programs 

-  DISR  synchronization  to  create  standards  views/publish  profiles 

1  Integrated  Assessment  Module  (1AM)  Service 

-  Auto-staffing  determines  organizations  and  dates  rather  than  performing  manual 
calculations  each  time 

-  On-screen  data  views  allows  quick  access  to  only  pertinent  sections  of  the  ISP  per 
assessor/internal  organization 

-  Increased  quality  through  warnings  and  notifications  during  assessment 

-  Provides  an  automated  process  for  staffing,  providing  comments,  and  adjudicating  issues 

-  PMs  can  adjudicate  comments  in  real  time  to  reduce  the  review  and  approval  timelines 
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PM  Portal  Workflow 
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Principles  Guiding  A  New  Approach  for  Delivering 
Information  Technology  Capabilities  in  the  DoD 

Source:  Nov  2010  OSD  report  to  Congress  Pursuant  to  the  National  Defense 

Authorization  Act  for  Fiscal  Year  2010 

•  Deliver  Early  and  Often:  establish  an  environment  that  supports  deployed  capabilities  every  12  to  18  months 

S  DISR  Baseline  review  cycles  identify  new  and  emerging  technologies  that  are  evaluated  annually  for 
emerging  standards  and  every  three  years  for  Mandated  standards 

•  Incremental  and  Iterative  Development  and  Testing:  incremental  and  iterative  development  and  testing, 
including  the  use  of  prototyping,  yield  better  outcomes  than  trying  to  deploy  large  complex  IT  network  systems  in 
one  "Big  Bang." 

•  Rationalized  Requirements:  users  and  requirements  developers  are  to  embrace  an  enterprise  focus  across  a 

portfolio  of  capabilities  with  established  standards  and  open  modular  platforms  vice  customized  solutions  to 
ensure  interoperability  and  seamless  integration 

S  Unified  Capabilities  Requirements  specify  Commercial  Vendor  build-to/test-to  specs  for  DISR  Standards 
compliance  and  APL  certification  for  DoD  Networks 
(http:// www.  disa.  mil/ucco/apl_process.  html?panel=l#A_Services) 

•S  GTPs  profile  DISR  standard  implementation  and  guidance  to  characterize  Enterprise  Wide  Systems 
Engineering  Solutions  (https://www.intelink.g0v/wiki/P0rtal:GIG_Technical_Guidance) 

•  Flexible/Tailored  Processes:  based  on  principles  acknowledging  unique  types  of  IT  acquisition  and  embracing 
flexible  and  tailored— and  risk-appropriate— IT  paths  based  on  the  characteristics  of  the  proposed  IT  acquisition 

S  Fully  tailorable  fit  for  use  DoDAF  2.0  architectural  representations  guide  the  implementation  of  standards 
profiles  characterizing  enterprise  portfolio  capabilities 

•  Knowledgeable  and  Experienced  IT  Workforce:  a  top  priority  is  to  establish  a  cadre  of  trained  professionals 


A  Combat  SvppoK  Agency 


UNCLASSIFIED 


Strategic  Intent  for  New  IT  Acquisition  Approach 


Source:  Nov  2010  OSD  report  to  Congress  Pursuant  to  the  National  Defense 

Authorization  Act  for  Fiscal  Year  2010 


Short  Duration  projects:  Major  traditional  program  phases,  milestones,  and  accompanying  program  reviews 
will  be  restructured  or  replaced  and  will  include  refashioned  milestone  reviews  conducted  more  frequently  as  in- 
process  reviews  at  key  decision  points  within  the  integrated  governance  structure. 

IT  Systems  Engineering: 

•  Disaggregates  large-scale  information  capabilities  into  a  number  of  smaller  integrated  projects  that  embrace 
established  standards  and  open  modular  platforms  to  ensure  interoperability  and  seamless  integration. 

•  New  emphasis  on  architecting  modular  open-system  enterprise  solutions  to  ensure  proper  integration  and 
interoperability  continuously  throughout  the  life  cycle  of  networks/systems  and  services. 

•  Integrates  project  level,  systems  engineering  with  the  overall  enterprise-level  systems  engineering  approaches 
tailored  to  project  risk  and  the  category  of  information  system  being  procured  or  developed. 

Common  IT  Infrastructures: 

•  Use  of  non-proprietary  interfaces  will  be  emphasized. 

•  Enable  DoD  information  capability  projects  to  take  advantage  of  the  benefits  of  agile  development  methods  and 
rapidly  field  capabilities  that  use  state-of-the-practice  commercial  products,  while  simultaneously  lowering  risk 

•  Emulate  commercial  IT  business  models  which  enables  development  of  modular  applications  that  can  be  rapidly 
deployed  to  reduce  time  to  field  new  capabilities,  increase  competition,  foster  innovation,  reduce  application 
development  costs,  and  establish  a  capability  pipeline  for  future  development 
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Strategic  Intent  for  New  IT  Acquisition  Approach 


Source:  Nov  2010  OSD  report  to  Congress  Pursuant  to  the  National  Defense 

Authorization  Act  for  Fiscal  Year  2010 


Selected  Areas  for  Meeting  the  Strategic  Intent: 

•  Requirements  will  be  documented,  prioritized,  and  traceable  with  clear  linkages  to  performance-based 
metrics,  statute,  or  policies,  consistent  with  the  pace  of  technological  change,  and  will  involve  an 
ongoing  dialogue  between  the  system  developers  and  the  warfighters/end  users.  Requirements  will 
include  Doctrine,  Organization,  Training,  Materiel,  Leadership,  People,  and  Facilities  (DOTMLPF). 

S  GTG  Federation  is  enabling  a  Data-Centric  environment  supporting  development  and  assessment  of  IT 
requirements  and  associated  linkages  to  architecture  and  standards  guidance 

•  Emphasis  will  be  placed  on  architecture  compliance,  standardized  information  definitions,  and 
rationalized  performance  requirements. 

S  GTPs  provide  standards  implementation  guidance  that  links  Program-specific  DoDAF  Standards  views 
to  enterprise  wide  systems  engineering  solutions 

•  Today's  traditional  paper-based  documentation  will  be  consolidated  into  fewer  planning,  execution,  and 
reporting  documents  and  replaced  to  the  maximum  extent  possible  with  on-line  tools  that  increase 
transparency  and  collaboration. 

■S  The  GTG  Federation  is  deploying  a  Data-Centric  capability  that  provides  the  capacity  to  develop  JCIDS 
and  ISP  documentation  requirements  as  XML  data  artifacts  which  speeds  analysis  of  the  standards 
implementation  and  compliance  certification 

•  Outreach  to  industry  will  be  conducted  to  gain  insight  into  commercially  driven  industry  trends. 

S  DoD  active  participation  in  Standards  Development  and  Standards  Setting  Bodies  provides  the 

opportunity  influence  industry  decisions  in  a  way  that  enables  greater  attention  to  DoD  IT 
requirements 
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•  DoD  is  committed  to  Commercial  Standards  and  Architecture 
Practices 

•  Standards  and  Architectures  will  continue  to  move  toward  greater 
seamlessness  in  its  federated  information  and  resources: 

—  An  enterprise  data  repository  and  "Virtual  ISP"  tool: 

•  Makes  standards  and  architecture  data  visible  to  programs  and  assessors 

•  Tailors  technical  documentation  for  specific  programs 

•  Enables  one-stop,  web-enabled,  super-support  mechanism  for  finding  and 
complying  with  GIG  Technical  Documentation 

-  Net-centric  requirements  and  compliance  citations  resident  in  program 
data,  instead  of  in  separate  sets  of  documents 

-  Compliance  and  assessment  now  more  efficient 

•  Remove  paper  from  process  and  develop  data-centric  ISP 

•  Enter  program  data  information  only  once 

•  Facilitate  ISP/NR-KPP  technical  compliance  from  an  architectural  perspective 
UNCLASSIFIED 


Links  and  PoCs 

•  GTG  Wiki  Page: 

-https://WWW.intelink.gOV/wiki/Portal:GIG_TeChnical_GuidanCe 

•  GTG  Federation: 

-https://gtg.csd.disa.mil 

*  EISP  Management  Support: 

-Mr.  Nick  Bruno,  Booz  Allen  Hamilton, 
bruno_nicolas@bah.com,  703-412-7560 

*  GTG  Management  Support: 

-Ms.  Lyla  Moldover,  Booz  Allen  Hamilton, 
moldover_lyla@bah.com,  703-377-4862 
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